For example, in an electronic device that is connected to a network, when software that is applied to (installed in) the electronic device is illegally altered, the electronic device does not normally operate, and thus there is a concern that the abnormal operation has an adverse effect on the entirety of the network. Accordingly, in the electronic device connected to the network, it is demanded to guarantee that the software applied to the electronic device is a regular one. As a method of checking rightness of the software, a verification function such as secure boot is known. The secure boot is a function of checking that software such as firmware is a regular one during activation of the electronic device. The software (program) is executed only in a case where the verification of the software by the secure boot succeeds, and the electronic device can be normally activated.
The secure boot is effective to secure reliability of the network, and an application to an electronic device such as an electronic control unit (ECU), which is connected to, for example, an in-vehicle network system, has been examined. However, when verification of the software by the secure boot fails, the electronic device becomes impossible to be activated, and it is necessary to consider a countermeasure when the verification fails. In addition, there is a demand for a mechanism capable of recovering the software of the electronic device, which fails in verification, in a convenient and safe manner without limitation to the secure boot.